Senyonjo
asked on
Random Posword not Updating in Database
Hi there,
The scripts below, remember_me.php and function.inc.php are supposed to generate a random password and update corresponding field in the database.
Once prompted, they generate the random password and sends them to the user's email. But the generated password is not updated in the database and so the user cannot login.
Can someone help me where I'm going wrong.
remember_me.php Script
===================
<?php
//brians code start here
include "functions.inc.php";
include "error_messages.inc.php";
//action=add means usr pressd the submit button
if ($action =="email")
{
$error_found=false;
$error="";
//start validating the user input
if($email=="")
{
$error_found=true;
$error.=ERR_EMAIL_BLANK;
}
if(!$error_found)
{
{
//{
$host="mysql.xcalibre.co.u k";
$uname="xxxxxx";
$pass="xxx";
$database="xxxxx";
$tablename="g_workers";
$connect= mysql_connect($host,$uname ,$pass) or die("Could not connect you to Bizafrican Database! <br>");
$selectdb=mysql_select_db( $database) or die("Could not select the Bizafrican Database for you");
$mingle = "decode(password, '".$password."')";
$sqlquery = ("select email,username, " .$mingle. " as password from g_workers where email ='".$email ."' ");
$queryresult = mysql_query($sqlquery,$con nect)or die("could not execute the query.");
if ($row = mysql_fetch_array($queryre sult))
{
$email = $row["email"];
$from = "dba@guardwise.com";
$subject = "Guardwise.com - Important message for you";
$message = "Your username is: ". $row["username"]."\n".
"Your password is: ". new_password($row["usernam e"])."\n"; //edited here
$message .= "xxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx.\n
DBA/Support";
mail($email,$subject,$mess age,"From: sssssssss.com <dba@ssssssssss.com>");
Header("Location: http://www.sssssss.com/remember_done.htm");
exit;
}
else
{
$error_found=true;
$error.=ERR_EMAIL_NONE;
}
}
}
}
?>
==========================
Functions Script
==========
<?
//this function generate the select box for the selected external file
function makeCombo($optname,$optfil e,$optsel, $optex,$op tremove='- 1000'){ //returns string containing select tag
if(!is_array($optremove)) $optremove=explode(",",$op tremove);
$combo="<select name='$optname' $optex>";
include $optfile;
foreach($manutmp as $key => $value){
$tosel="";
if($optsel==$key){
$tosel="selected";
}
if(in_array($key,$optremov e) == false)$combo.="<option value='$key' $tosel>$value\n";
}
$combo.="</select>";
return $combo;
}
//this will return the select value from the select box
function getComboValue($optfile,$op tkey){
include $optfile;
return $manutmp[$optkey];
}
//encrypt the password
function encrypt_password($input)
{
return md5($input);
}
//generate the random password
function new_password ($userid,$length=10) {
// if you want extended ascii, then add the characters to the array
$characters = array('a','b','c','d','e', 'f','g','h ','i','j', 'k','l','m ','n','o', 'p','q','r ','s','t', 'u','v','w ','x','y', 'z','A','B ','C','D', 'E','F','G ','H','I', 'J','K','L ','M','N', 'O','P','Q ','R','S', 'T','U','V ','W','X', 'Y','Z','0 ','1','2', '3','4','5 ','6','7', '8','9');
$random_str = "";
for ($i = 0; $i <= $length; $i++) {
srand((double)microtime()* 1000000);
$random_chr = round(rand(0, count($characters)-1));
$random_str .= $characters[$random_chr];
}
//update the password for the user into databae
//update table pasword = encrypt_password($random_s tr)
$db_name = "afrika";
$table_name = "biznames";
$connection = @mysql_connect("mysql.xcal ibre.co.uk ", "bbbbbb", "bbbbb") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");
$sql = "UPDATE $table_name
SET
password = '". md5($random_str) ."'
WHERE email = '". $email ."'
";
$result = mysql_query($sql,$connecti on) or die("Couldn't execute query.");
return $random_str;
}
?>
The scripts below, remember_me.php and function.inc.php are supposed to generate a random password and update corresponding field in the database.
Once prompted, they generate the random password and sends them to the user's email. But the generated password is not updated in the database and so the user cannot login.
Can someone help me where I'm going wrong.
remember_me.php Script
===================
<?php
//brians code start here
include "functions.inc.php";
include "error_messages.inc.php";
//action=add means usr pressd the submit button
if ($action =="email")
{
$error_found=false;
$error="";
//start validating the user input
if($email=="")
{
$error_found=true;
$error.=ERR_EMAIL_BLANK;
}
if(!$error_found)
{
{
//{
$host="mysql.xcalibre.co.u
$uname="xxxxxx";
$pass="xxx";
$database="xxxxx";
$tablename="g_workers";
$connect= mysql_connect($host,$uname
$selectdb=mysql_select_db(
$mingle = "decode(password, '".$password."')";
$sqlquery = ("select email,username, " .$mingle. " as password from g_workers where email ='".$email ."' ");
$queryresult = mysql_query($sqlquery,$con
if ($row = mysql_fetch_array($queryre
{
$email = $row["email"];
$from = "dba@guardwise.com";
$subject = "Guardwise.com - Important message for you";
$message = "Your username is: ". $row["username"]."\n".
"Your password is: ". new_password($row["usernam
$message .= "xxxxxxxxxxxxxxxxxxxxxxxxx
DBA/Support";
mail($email,$subject,$mess
Header("Location: http://www.sssssss.com/remember_done.htm");
exit;
}
else
{
$error_found=true;
$error.=ERR_EMAIL_NONE;
}
}
}
}
?>
==========================
Functions Script
==========
<?
//this function generate the select box for the selected external file
function makeCombo($optname,$optfil
if(!is_array($optremove)) $optremove=explode(",",$op
$combo="<select name='$optname' $optex>";
include $optfile;
foreach($manutmp as $key => $value){
$tosel="";
if($optsel==$key){
$tosel="selected";
}
if(in_array($key,$optremov
}
$combo.="</select>";
return $combo;
}
//this will return the select value from the select box
function getComboValue($optfile,$op
include $optfile;
return $manutmp[$optkey];
}
//encrypt the password
function encrypt_password($input)
{
return md5($input);
}
//generate the random password
function new_password ($userid,$length=10) {
// if you want extended ascii, then add the characters to the array
$characters = array('a','b','c','d','e',
$random_str = "";
for ($i = 0; $i <= $length; $i++) {
srand((double)microtime()*
$random_chr = round(rand(0, count($characters)-1));
$random_str .= $characters[$random_chr];
}
//update the password for the user into databae
//update table pasword = encrypt_password($random_s
$db_name = "afrika";
$table_name = "biznames";
$connection = @mysql_connect("mysql.xcal
$db = @mysql_select_db($db_name,
$sql = "UPDATE $table_name
SET
password = '". md5($random_str) ."'
WHERE email = '". $email ."'
";
$result = mysql_query($sql,$connecti
return $random_str;
}
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This thread on siteforums.com (http://www.sitepoint.com/forums/showthread.php?t=156431) explains the main reasons.
While none of them are likely to affect you in any way in this script, and either of my solutions above are valid, it's nothing more than a good practise to get into, because passing variables in a function's parameter list is foolproof, whereas using global variables isn't. Why waste the time to make a case by case decision about which to use?
I hope this a) fixes your problem and b) gives you a useful insight into further PHP programming,
_Blue
P.S. It's supposed to say "to echo it to screen" in my above post, if you hadn't guessed.
While none of them are likely to affect you in any way in this script, and either of my solutions above are valid, it's nothing more than a good practise to get into, because passing variables in a function's parameter list is foolproof, whereas using global variables isn't. Why waste the time to make a case by case decision about which to use?
I hope this a) fixes your problem and b) gives you a useful insight into further PHP programming,
_Blue
P.S. It's supposed to say "to echo it to screen" in my above post, if you hadn't guessed.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
While none of them are likely to affect you in any way in this script, and either of my solutions above are valid, it's nothing more than a good practise to get into, because passing variables in a function's parameter list is foolproof, whereas using global variables isn't. Why waste the time to make a case by case decision about which to use?
I hope this a) fixes your problem and b) gives you a useful insight into further PHP programming,
_Blue
P.S. It's supposed to say "to echo it to screen" in my above post, if you hadn't guessed.